MIT Technology Review

Cyber security is something that many consumers view more as a theoretical concept than an issue worth worrying about. After all, the majority of consumers have never been hacked or watched their bank accounts siphoned of cash. For many folks, security issues are read about, never experienced.

But that might soon change. A so-called “cyber gang” of Botmasters was discovered in October to be working on a scheme that would allow them to target customer accounts at 30 banks, including Chase, Citibank, and even PayPal, and steal money from unsuspecting victims.

According to security researchers, the scheme involves cloning compromised computers to make a bank’s login system believe that the person signing on to online banking is doing so from their home computer. The technique allows the hackers to subvert the security questions that are designed to stop theft, leaving them to focus only on obtaining passwords.

Once logged into the victim’s account, the hackers would transfer small amounts of cash to their own accounts. The idea is to attack thousands of accounts, but withdraw only a small amount to reduce the chances of being caught.

To make matters worse, security researchers at McAfee reported (PDF) last week that they now believe the hackers have successfully attempted their technique on at least 300 to 500 bank accounts. They plan to launch “Project Blitzkrieg” against the banks and thousands of accounts in the spring.

That is, unless something has changed.

Soon after RSA announced its findings, security writer Brian Krebs posted to his blog that a Russian hacker who goes by the nickname “vorVzakone” is behind the attack. That hacker wrote in a September forum posting that the initial goal of Project Blitzkrieg was to “process large amount of the given material before anti-fraud measures are increased” at U.S.-based banks.

RSA’s findings and subsequent research performed by security experts pushed the hacker further underground, calling into question whether the attack will happen at all.

“I can’t find him anywhere,” Krebs said of “vorVzakone” in an interview with CNNMoney published last week. “Either bringing this to light scuttled any plans to go forward, or it’s still moving ahead cautiously under a much more protective cover.”

McAfee researchers also can’t determine whether the attack will happen. However, the researchers are saying for now that they believe that it will “be moving forward as planned.”

Although the scale of Project Blitzkrieg is unprecedented, attacks on banks that lead to millions in cash being stolen are by no means unique. In fact, a Trojan known as “Gozi Prinimalka” – a variant of which could be used in Project Blitzkrieg – has been used by a so-called “crime gang” to steal at least $5 million in funds from bank accounts, Krebs says.

It’s believed that the hackers will only target U.S. banks. According to Krebs, that’s because European banks require two-factor authentication when verifying a bank transfer. The majority of U.S. banks allow transfers with single-factor authentication.
